Every CVE whose affected-product data names Igniterealtime Smack, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2016-10027 — CVSS 5.9 (medium): Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle…
CVE-2014-0363 — CVSS 5.8 (medium): The ServerTrustManager component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify basicConstraints and…
CVE-2014-0364 — CVSS 5.0 (medium): The ParseRoster component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify the from attribute of a roster-query IQ…